Tech Insight: Free Tools for Offensive Security

A professional penetration tester offers a look at the latest free and open-source tools available for pen testing and offensive tactics.

There are a lot of excellent offensive security tools available online for free, thanks to open-source licenses and the security professionals who've created tools in an effort to give back to the community. But because they are created by individuals or open-source efforts without the marketing and promotion resources of a vendor, these tools may not be well known in the enterprise.

Two years ago I wrote a Tech Insight on offensive security tools that defenders can leverage to help find vulnerabilities and secure their environments. Today, I want to update that list with some currently available tools that should be included in every offensive and defensive security professional's toolbox.

I truly believe that a security professional focused on defense or offense must understand the tools and techniques used by the other side. Those who defend a network should be aware of the attacks they will face and the ways that attackers avoid detection. To become familiar with these approaches, they should try out some of these same attack methods.

Similarly, those focusing on offense must understand defensive strategies, different types of security controls, and the ways that defenders detect attacks. It's easier to detect an attack or evade detection when you know, firsthand, how the defenses work. If defenders understand offensive tools, they can proactively identify potential threats before they become a more serious problem.

A study of offensive methods also helps security teams find the easily exploitable vulnerabilities and fix them, so that future penetration tests can focus on scenario-based assessments tailored around the organization's specific threat profile.

Before we get into the latest tools specific to the four primary stages of penetration testing -- reconnaissance, mapping, vulnerability detection, and exploitation -- there are a couple of books and websites worth mentioning. The first is the Red Team Field Manual, or RTFM, which is essentially a "cheat sheet" of commands in printed form that can be a handy reference to keep in your backpack. If you like the cheat sheet format, then you'll probably like the RTFM book.